Schneier on Security

Balancing security and functionality is nothing new. But is there a way to fairly allocate the security costs to the users who benefit from the functionality? We ask the LinuxWorld OpenSolutions Summit keynote speaker Bruce Schneier.

LinuxWorld: Welcome to the Linux World Podcast. Hi, I’m Don Marti, and I’m here with Bruce Schneier from Counterpane Internet Security. Welcome, Bruce.

Bruce Schneier: Thanks for having me.

LinuxWorld: Why don’t companies buy more secure software, or at least why don’t they buy less insecure software?

Schneier: You know those of us in the security industry have been wringing our hands over that question for years, for decades. Why don’t they do it? There are a couple of reasons. The first is—it’s sometimes hard to tell what a secure product is. I can hold up two products; they use the same buzzwords. They have the same protocol standards. What is secure, and what isn’t? And you don’t know. And these might be security products. These might be networking products or office products. It’s very hard to tell what a secure product is and what an insecure product is. That’s reason one…